Theft of information and destruction of information assets are the biggest cyber threats their organizations face
BANGALORE, INDIA: Cyber attacks sponsored by states, wider adoption of cloud computing and explosive growth of mobile devices leading to increased security risks will be the hot security topics during 2011, finds a new survey by Narus, a real-time traffic intelligence company, and Ponemon Institute.
Below are some of the key cyber security trends we uncovered:
1. The theft of information and destruction of information assets are the biggest cyber threats their organizations face. Of lesser concern are the interruption of services and wrongful disclosure.
2. One-third of the respondents say that their organizations are most deficient in having professional and competent staff, followed by governance. The special skills or staff competencies considered essential are: knowledge about network security, technical education, white hat (hacker) skills. Considered least essential are a compliance background and a law enforcement background.
3. The number one security technology considered essential is one that provides advance warning about threats and attackers. This is followed by intelligence about the threat landscape, technology that prioritizes threats, vulnerabilities and actual attacks, and efficient patch management. If advance warning is not to be available.
4. The most severe attack vectors are: SQL injection, client-side HTTP attacks, viruses and insider threats. The following are reasons why these attacks are severe: the theft of information assets, the difficulty in quickly correcting the effects from the attack, difficulty in preventing the attack, a lack of solution or patch and difficulty in detecting the attack.
5. The majority of respondents believe exploits evade enabling security technologies. Seventy-seven percent believe exploits evade their firewalls, sixty-seven percent say they evade their antivirus/antimalware systems and sixty percent say they evade their intrusion detection systems (IDS). This indicates that a defense-in-depth solution must contain a variety of security software/systems that are complementary.
6. Organizations experience a higher percentage of infected endpoints than attacks that infiltrate their corporate networks. Viruses still dominate the landscape yet malware, bots and phishing attacks are on the rise.
7. The majority of survey respondents believe their organization has been the target of an attack sponsored by a nation or unleashed by a criminal syndicate. The respondents who believe they were attacked think that the prime purpose of this attack was theft of confidential information and disruption of critical infrastructure. Fewer think that it was to disrupt their business operations, test capabilities or damage IT equipment.
8. The three most important technologies to stopping cyber crime are: firewalls, anti-virus & antimalware, intrusion detection systems and network intelligence systems, including SIEM. Endpoint solutions and data loss prevention technologies are considered less important. The top three control procedures are expert security personnel, specialized training, collaboration in InfoSec community and policies and procedures. Of lesser importance are segregation of duties, certification and business continuity planning. However, many of the people are not totally satisfied with their current solution; they rate their satisfaction as average. This could mean that the solution is not 100% effective (no solution really is) or they need a complementary set of solutions via a cyber eco-system to help blunt the attacks and mitigate the risk of attacks.
9. To create a strong security posture in the organizations, the CIOs/Directors rated the following attributes very high: stealth and secrecy in security operations, education and training within the enterprise, alignment of the security with business objectives and holistic approach to enterprise security. Collaboration with industry and government, consistency & proportionality in resource deployment and collaboration with other companies in their industry are not considered as strategically important.
10. The vast majority of respondents believe Narus’ solution – that of real-time traffic intelligence and analytics that looks at the changes in traffic in the network, i.e. the Dynamec DNA – makes sense and would potentially solve a pressing issue faced by their organizations. What would improve the solution is to reduce implementation complexity, prioritize vulnerabilities and risk areas and keep the cost low. It is interesting that offering the solution as a cloud service (SaaS) and privacy protections are not a priority.
Key trends for 2011:
· More cyber security threats sponsored by nation states vs. individual hackers
· With the wider adoption of cloud computing and explosive growth of mobile devices in use, these become new venues for potential threats and a challenge to IT security organizations.
· Social media attacks are widely believed to be a new opportunity from which to launch stealth cyber attacks
· Launch of cyber attacks for political gain (e.g. the current WikiPedia DoS and DDoS attacks to shut down PayPal, Visa, Mastercard and counter attacks)
· An increase in attacks to destroy a system or gain financial remuneration.
· Additional training of cyber warriors to combat cyber attacks.